Cyberattack meant to warn Iran against targeting Israeli infrastructure
A cyberattack on Iran's Shahid Rajaee port last week was
meant to warn the Islamic Republic against targeting Israeli infrastructure,
after a reportedly Iranian cyberattack targeted Israeli water systems last
month.
On May 11, Mohammad Rastad, Managing Director of the Ports
and Maritime Organization (PMO), announced that a cyberattack managed to damage
a number of private systems at the Shahid Rajaei port, confirming that the
attack was carried out by a foreign entity, according to Fars.
While Rastad stressed that operations had not been disrupted
by the attack, US and foreign government officials told The Washington Post
that traffic in the area came to a halt and was plagued with issues for a
number of days.
According to The New York Times, the attack was a direct
response to a cyberattack on Israeli water infrastructure and was meant to send
a message to Iran that they shouldn't try targeting Israel infrastructure.
Earlier this month, Israel’s security cabinet met to discuss
an alleged Iranian cyberattack on Israeli water and sewage facilities that took
place on April 24.
The attack caused a pump at a municipal water system in the
Sharon region of central Israel to stop working. Operation resumed shortly
after, but it was recorded as an exceptional event, according to the Times.
A security company that investigated the incident found that
malware caused the shutdown and the incident was reported to the Israel
National Cyber Directorate and other Israeli intelligence agencies. Israeli
officials found that the malware had come from one of the offensive cyberunits
in the Iranian Revolutionary Guards Corps (IRGC). The attack and the quality of
the attack were described as "miserable" by intelligence officials,
according to the Times.
Although the attack on Israel's water system did not cause
substantial damage, it was still seen as a substantial escalation by the
Iranians, especially since the attack targeted civilian infrastructure.
Initially, Israeli officials had decided not to retaliate
for the attack on the water system, as the attack would have been minor even if
it had succeeded, but changed their minds after news of the attack was
published in Israeli media, according to high-ranking intelligence officials
and experts in the region.
Government officials, led by then defense minister Naftali
Bennett, felt that Israel should respond similarly by targeting Iranian
civilian infrastructure and then leaking it to international media.
The Shahid Rajaee port was specifically chosen because it
was not a central target and would send a warning that attacks on Israeli
civilian infrastructure would not go unanswered and crossed a red line.
No more than 20 freight ships enter the Shahid Rajaee port every
month. The port's authorities detected the cyberattack soon after it began, but
failed to fix it immediately.
According to the Times, the restrained nature of both
cyberattacks seems to indicate that both sides want to avoid an escalation.
While one intelligence official said that Israel hopes the attack on the port
will end the current cyber exchange, an intelligence assessment stated that the
IRGC could respond with another attack on Israel.
Israeli security officials instructed sensitive facilities
and national infrastructure to increase awareness and alertness amid fears of a
cyberatack by Iran or a pro-Iranian group after reports about Israel's
involvement in the cyberattack on the Iranian port were published, according to
Walla! news.
While Israeli officials have remained silent about the
reports, IDF cyberdefense officials and the Israel National Cyber Directorate
raised their awareness and preparedness levels in preparation for a number of
possible complex situations and attacks.
Cyberdefense companies and officials were asked to direct
their employees to not open files or messages from sources they don't know or
aren't sure about. Emphasis was put on messages concerning the coronavirus which
could be used in cyberattack attempts.
Israel's Chief of Staff, Gen. Aviv Kochavi, appeared to
reference the cyberattack on the Iranian port at a ceremony on Tuesday, saying
"We will continue to use a diverse array of military tools and unique
warfare methods to hurt the enemy."
On Tuesday, Iranian officials continued to deny that the
attack had caused any major trouble or disruption, according to Fars.
The Washington Post, which first reported on Tuesday that
Israel was likely behind the attack on the port, added that the attack halted
traffic and caused “total disarray” at the Shahid Rajaei Port.
Satellite photographs showing miles-long traffic jams on
highways leading the Shahid Rajaee port and dozens of loaded container ships
waiting just off the coast were shown to the Post as well.
The cyberattack was “highly accurate,” according to a
security official with a foreign government that monitored the incident, which
reportedly took place on May 9, two days before Iranian officials acknowledged
it had occurred.
“If Israel is the one who responded to the Iranian attack
that targeted civilian infrastructure, Israel is making it clear that civilian
systems should be left out of battle,” explained former IDF intelligence chief
and executive director of the INSS Amos Yadlin on Twitter. “This is a
significant message about the vulnerability of Iran’s financial systems to
Israeli cyber abilities.”
Comments
Post a Comment